safecasualdating69.com Open in urlscan Pro
162.0.229.226 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://safecasualdating69.com/
Submission: On October 11 via manual (October 11th 2021, 11:04:55 am UTC) from US — Scanned from DE

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 14 domains to perform 36 HTTP transactions. The main IP is 162.0.229.226, located in United States and belongs to NAMECHEAP-NET, US. The main domain is safecasualdating69.com.

This is the only time safecasualdating69.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tinder (Online)

Domain & IP information

	IP Address	AS Autonomous System
12	162.0.229.226 162.0.229.226	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1 1	213.227.156.193 213.227.156.193	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2606:4700:20:... 2606:4700:20::681a:415	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.201.211.101 54.201.211.101	16509 (AMAZON-02) (AMAZON-02)
1 9	163.171.128.172 163.171.128.172	54994 (QUANTILNE...) (QUANTILNETWORKS)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
36	9

12 162.0.229.226 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium124-4.web-hosting.com

safecasualdating69.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.156.193 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

best.elitelovetrc.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:415 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.trackdemclicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.201.211.101 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-211-101.us-west-2.compute.amazonaws.com

www.sec-trk-lnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 163.171.128.172 (Germany) 1 redirects

ASN54994 (QUANTILNETWORKS, US)

enlistopenly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
enter-shield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geoip.openlyenter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	safecasualdating69.com safecasualdating69.com	983 KB
7	enter-shield.com enter-shield.com	54 KB
5	gstatic.com fonts.gstatic.com	126 KB
3	fontawesome.com kit.fontawesome.com ka-p.fontawesome.com	62 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	aspnetcdn.com ajax.aspnetcdn.com	129 KB
1	google-analytics.com ssl.google-analytics.com	17 KB
1	jquery.com code.jquery.com	30 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	openlyenter.com geoip.openlyenter.com	695 B
1	enlistopenly.com 1 redirects enlistopenly.com	648 B
1	sec-trk-lnk.com 1 redirects www.sec-trk-lnk.com	614 B
1	trackdemclicks.com 1 redirects www.trackdemclicks.com	1 KB
1	elitelovetrc.info 1 redirects best.elitelovetrc.info	473 B
36	14

	Domain	Requested by
12	safecasualdating69.com	safecasualdating69.com
7	enter-shield.com	safecasualdating69.com enter-shield.com
5	fonts.gstatic.com	fonts.googleapis.com enter-shield.com
3	fonts.googleapis.com	safecasualdating69.com enter-shield.com
2	ka-p.fontawesome.com	kit.fontawesome.com
2	ajax.aspnetcdn.com	enter-shield.com
1	ssl.google-analytics.com	enter-shield.com
1	kit.fontawesome.com	enter-shield.com
1	code.jquery.com	enter-shield.com
1	cdnjs.cloudflare.com	enter-shield.com
1	geoip.openlyenter.com	enter-shield.com
1	enlistopenly.com	1 redirects
1	www.sec-trk-lnk.com	1 redirects
1	www.trackdemclicks.com	1 redirects
1	best.elitelovetrc.info	1 redirects
36	15

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.enter-shield.com AlphaSSL CA - SHA256 - G2	`2020-07-30` - `2022-07-31`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.openlyenter.com AlphaSSL CA - SHA256 - G2	`2021-01-04` - `2022-02-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 2 frames:

Primary Page: http://safecasualdating69.com/
Frame ID: 053BEE70C0584B5829A9E19639E65436
Requests: 14 HTTP requests in this frame

Frame: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
Frame ID: 9F17BB0AB9AB8813782A4DAA47F65B2F
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Safe Dating - Personal Meetings

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

67 %
HTTPS

58 %
IPv6

14
Domains

15
Subdomains

9
IPs

3
Countries

1410 kB
Transfer

1981 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://best.elitelovetrc.info/click?pid=914&offer_id=123 HTTP 302
https://www.trackdemclicks.com/tracking/click/?mt=446632&ofid=257&x1=61641a50728b17000165d372&sid=914 HTTP 302
https://www.sec-trk-lnk.com/ep.php/prmafrts:71686/68114:446632-.8184b2b8c3515f448894c9d83484aa39 HTTP 302
https://enlistopenly.com/signup/?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password= HTTP 302
https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
safecasualdating69.com/ 4 KB
2 KB 309ms
297ms Document
text/html 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9dc081383b4871d3a02c315bd5e0dbbd8e6c8b9c7c71cc9b3495abe8f0530655

Request headers

Host: safecasualdating69.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

keep-alive: timeout=5, max=100
content-type: text/html
last-modified: Sun, 03 Oct 2021 19:32:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1878
date: Mon, 11 Oct 2021 11:04:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 54ms
21ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather+Sans:400,300,700

Requested by

Host: safecasualdating69.com
URL: http://safecasualdating69.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bf0c008b8a8e4b48c1734ff85580f8b3bf2ff8829e096ed2d759a335c38b006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:01:58 GMT
server: ESF
date: Mon, 11 Oct 2021 11:04:48 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 11:04:48 GMT

GET
H/1.1 200
OK normalize.css
safecasualdating69.com/css/ 8 KB
3 KB 171ms
162ms Stylesheet
text/css 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://safecasualdating69.com/css/normalize.css
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 055395b01212455e2e3cf174208947ef347110b0a0d8710f097237698d8eee2b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://safecasualdating69.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:48 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 18:09:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 2921
expires: Mon, 18 Oct 2021 11:04:48 GMT

GET
H/1.1 200
OK skeleton.css
safecasualdating69.com/css/ 12 KB
3 KB 308ms
292ms Stylesheet
text/css 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://safecasualdating69.com/css/skeleton.css
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 146ca30e79339708e76fa0f2fa4bc60015b98c2296e19c3393a68c355fcaf72c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://safecasualdating69.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:48 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 18:09:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 3046
expires: Mon, 18 Oct 2021 11:04:48 GMT

GET
H/1.1 200
OK style.css
safecasualdating69.com/css/ 11 KB
4 KB 308ms
292ms Stylesheet
text/css 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://safecasualdating69.com/css/style.css
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2911de3c20ebdd535d1ddc0b1a83e93692c1cf68499e0031c3e33e7c4ddcc8a0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://safecasualdating69.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:48 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 18:09:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 3367
expires: Mon, 18 Oct 2021 11:04:48 GMT

GET
H/1.1 200
OK logotin.png
safecasualdating69.com/images/ 160 KB
160 KB 308ms
291ms Image
image/png 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safecasualdating69.com/images/logotin.png
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6a0d9a4a6da6d7c7bdb16b333fc573cb5af9e793de362c7fecf313ab88cf528a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://safecasualdating69.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:48 GMT
last-modified: Tue, 21 Sep 2021 18:09:25 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 163611
expires: Mon, 18 Oct 2021 11:04:48 GMT

GET
H/1.1 200
OK logosdf1.png
safecasualdating69.com/images/ 23 KB
24 KB 309ms
294ms Image
image/png 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safecasualdating69.com/images/logosdf1.png
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 198814fa3098ba2d30dfde90c8f6c34fd14ea42c97e1002faee9ce0f5336b32d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://safecasualdating69.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:48 GMT
last-modified: Tue, 21 Sep 2021 18:09:25 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 24034
expires: Mon, 18 Oct 2021 11:04:48 GMT

GET
H/1.1 200
OK err_btn.png
safecasualdating69.com/images/ 9 KB
9 KB 310ms
296ms Image
image/png 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safecasualdating69.com/images/err_btn.png
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: d3d63b7935a380583eff779be162760e9773c3d83d63fd81e0449aea76e794c8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://safecasualdating69.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:48 GMT
last-modified: Tue, 21 Sep 2021 18:09:25 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 8990
expires: Mon, 18 Oct 2021 11:04:48 GMT

GET
H/1.1 200
OK 1.jpg
safecasualdating69.com/images/ 202 KB
202 KB 153ms
152ms Image
image/jpeg 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safecasualdating69.com/images/1.jpg
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: d96d6c7d72113fbff993954d85934754f8743a4fc6d18124aa35c464a0e06ab1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://safecasualdating69.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:48 GMT
last-modified: Tue, 21 Sep 2021 18:09:25 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 206801
expires: Mon, 18 Oct 2021 11:04:48 GMT

GET
H/1.1 200
OK 2.jpg
safecasualdating69.com/images/ 201 KB
202 KB 151ms
150ms Image
image/jpeg 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safecasualdating69.com/images/2.jpg
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 061127e49a90e7f609551e12a8a36d7a7b25103fb5566607732726af81839c8e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://safecasualdating69.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:48 GMT
last-modified: Tue, 21 Sep 2021 18:09:25 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 206207
expires: Mon, 18 Oct 2021 11:04:48 GMT

GET
H/1.1 200
OK 3.jpg
safecasualdating69.com/images/ 170 KB
170 KB 155ms
155ms Image
image/jpeg 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safecasualdating69.com/images/3.jpg
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: e7ec422b20c12092e5ae042e5af9199a57f09dadc853d38253d22cdf965a6ed8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://safecasualdating69.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:48 GMT
last-modified: Tue, 21 Sep 2021 18:09:25 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 174179
expires: Mon, 18 Oct 2021 11:04:48 GMT

GET
H/1.1 200
OK 4.jpg
safecasualdating69.com/images/ 195 KB
195 KB 151ms
150ms Image
image/jpeg 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safecasualdating69.com/images/4.jpg
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9e4ec43012e369083ded9e256bb6309204c8c2ce4383a6f00c23d26bbbf83b96

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://safecasualdating69.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:48 GMT
last-modified: Tue, 21 Sep 2021 18:09:25 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 199743
expires: Mon, 18 Oct 2021 11:04:48 GMT

GET
H/1.1 200
OK as-seen-on.gif
safecasualdating69.com/images/ 8 KB
8 KB 268ms
152ms Image
image/gif 162.0.229.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safecasualdating69.com/images/as-seen-on.gif
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: HTTP/1.1
Server: 162.0.229.226 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium124-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 8e223cc1c0b5d03c2ea02dcb46cbd4a6e6efcb1c1b255654e15ce01b8f21dac2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://safecasualdating69.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:48 GMT
last-modified: Tue, 21 Sep 2021 18:09:25 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 7730
expires: Mon, 18 Oct 2021 11:04:48 GMT

GET
H2

200

join.php Show response
enter-shield.com/join/ Frame 9F17
Redirect Chain

http://best.elitelovetrc.info/click?pid=914&offer_id=123
https://www.trackdemclicks.com/tracking/click/?mt=446632&ofid=257&x1=61641a50728b17000165d372&sid=914
https://www.sec-trk-lnk.com/ep.php/prmafrts:71686/68114:446632-.8184b2b8c3515f448894c9d83484aa39
https://enlistopenly.com/signup/?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=
https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O

12 KB
5 KB

736ms
710ms

Document
text/html

163.171.128.172
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
Requested by: Host: safecasualdating69.com
URL: http://safecasualdating69.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.26.4-19.el6 /
Resource Hash: 7ea84c29fdf1ecdc97caf7604e6cd1dbf625862821057f14b82f02a00701af9d

Request headers

:method: GET
:authority: enter-shield.com
:scheme: https
:path: /join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://safecasualdating69.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://safecasualdating69.com/

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
content-type: text/html; charset=UTF-8
server: waf/4.26.4-19.el6
set-cookie: PHPSESSID=06b8543732693fdd55e735a180a62aa7; path=/; secure; SameSite=None HMF_CI=824c1ca96cb0d2526250bef58184683144b0818ed061f1826d48e6eb5fe1360504; Expires=Wed, 10-Nov-21 11:04:51 GMT; Path=/
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
x-via: 1.1 lsh190:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:13 (Cdn Cache Server V2.0)
x-ws-request-id: 61641a52_localhost_48770-14188

Redirect headers

date: Mon, 11 Oct 2021 11:04:50 GMT
content-type: text/html; charset=UTF-8
server: waf/4.26.4-19.el6
set-cookie: PHPSESSID=056d77879754f63203532ec2f34dd93e; path=/; secure; SameSite=None HMF_CI=8f8ea34fc3903819f8eedd50836c5c66d5fb9cec3f358771d07a1bb4a44a7db13e; Expires=Wed, 10-Nov-21 11:04:50 GMT; Path=/
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
x-via: 1.1 lsh190:2 (Cdn Cache Server V2.0), 1.1 kf230:13 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:11 (Cdn Cache Server V2.0)
x-ws-request-id: 61641a52_localhost_47915-50334

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v14/ 35 KB
35 KB 38ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v14/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2826f9525d9ff7b1d86065eb761da940e70856e239875b04e0e67a7c0edf3d4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://safecasualdating69.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 04:19:37 GMT
x-content-type-options: nosniff
age: 542711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35628
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:25:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 04:19:37 GMT

GET
H2 200 / Show response
geoip.openlyenter.com/ Frame 9F17 399 B
695 B 621ms
162ms Script
application/javascript 163.171.128.172
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.openlyenter.com/?v=1
Requested by: Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.26.4-19.el6 /
Resource Hash: 9143b17e79719449bb7e315e4a2a84b456e6fb39486c4232ce7e36b92ad02d42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 11:04:52 GMT
server: waf/4.26.4-19.el6
x-ws-request-id: 61641a54_localhost_709-15790
x-via: 1.1 lsh190:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:9 (Cdn Cache Server V2.0)
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript
expires: 0

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 9F17 37 KB
7 KB 42ms
14ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2917840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5884
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-9226"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PppD0g0I4AvP9oBxXuMZzpqn4TZHKsZnO3sH3JG2tjRHBEvv3aZH8kNkQwUdpEFJqlP2Le33G9YhpKMBL78VNetj%2BTJeP3d%2BeQ6zYTS%2B3bNx3NX%2Fy6baYV9uH7K9E6nqiybW8we0scIfDqh%2BvZtOheha"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69c79c2bad8e7052-FRA
expires: Sat, 01 Oct 2022 11:04:51 GMT

GET
H2 200 icon
fonts.googleapis.com/ Frame 9F17 569 B
464 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:04:51 GMT
server: ESF
date: Mon, 11 Oct 2021 11:04:51 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 11:04:51 GMT

GET
H2 200 bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/ Frame 9F17 118 KB
119 KB 39ms
10ms Stylesheet
text/css 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F1B) /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (frc/8F1B)
age: 7204474
etag: "794840f2cb33d21:0"
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 121200
x-xss-protection: 1; mode=block

GET
H2 200 cejfxr2.css
enter-shield.com/common_tpls/compactML/css/ Frame 9F17 39 KB
8 KB 10ms
9ms Stylesheet
text/css 163.171.128.172
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://enter-shield.com/common_tpls/compactML/css/cejfxr2.css
Requested by: Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.26.4-19.el6 /
Resource Hash: fcc3c0dd45f22d3bd5d08fcf8a6885da5dde6d5b52998c7213605ae3a5259a30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 18:03:44 GMT
server: waf/4.26.4-19.el6
age: 1
etag: W/"60870080-9a9e"
x-ws-request-id: 61641a53_localhost_48770-14232
x-via: 1.1 lsh190:3 (Cdn Cache Server V2.0), 1.1 kf230:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1eq94:12 (Cdn Cache Server V2.0)
content-type: text/css

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 9F17 86 KB
30 KB 36ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://enter-shield.com/
Origin: https://enter-shield.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1633950291.dop235.fr8.t,1633950291.cds218.fr8.hn,1633950291.cds261.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 bootstrap.min.js Show response
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/ Frame 9F17 36 KB
10 KB 35ms
7ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F74) /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://enter-shield.com/
Origin: https://enter-shield.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11512717
x-cache: HIT
content-length: 9839
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (frc/8F74)
etag: "80bdc1e6cb33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 b314bdf1b3.js Show response
kit.fontawesome.com/ Frame 9F17 11 KB
4 KB 51ms
23ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/b314bdf1b3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aed604182c192f5ee87b3c1f8bcbcd5310960a2848d2dfad9d8a2c0bab06e249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://enter-shield.com/
Origin: https://enter-shield.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: HIT
age: 31
strict-transport-security: max-age=31536000; preload
x-request-id: FqeLm1LboBMDvIcAAGqD
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 69c79c2ba92b4e43-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 form_support.js Show response
enter-shield.com/common_tpls/js/ Frame 9F17 977 B
1 KB 12ms
11ms Script
application/javascript 163.171.128.172
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://enter-shield.com/common_tpls/js/form_support.js?v=1516308712
Requested by: Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.26.4-15.el6 /
Resource Hash: f2648f83e8bb78db15ffc5d01dcbc53fb6b8c585dcfabbb88bd0471b8399ca00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
last-modified: Tue, 19 Jan 2021 00:12:19 GMT
server: waf/4.26.4-15.el6
age: 1
etag: "600623e3-3d1"
x-ws-request-id: 61641a53_localhost_48770-14233
content-type: application/javascript
accept-ranges: bytes
content-length: 977
x-via: 1.1 lsh190:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:3 (Cdn Cache Server V2.0)

GET
H2 200 validate_form_v2.js Show response
enter-shield.com/common_tpls/js/ Frame 9F17 22 KB
23 KB 20ms
19ms Script
application/javascript 163.171.128.172
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://enter-shield.com/common_tpls/js/validate_form_v2.js?jsv=20
Requested by: Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.26.4-19.el6 /
Resource Hash: 89d4b7e60391fb802c7bfae97619f5b13a212f1d318bf3944d7667412c6ec20a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
last-modified: Wed, 06 Oct 2021 14:04:56 GMT
server: waf/4.26.4-19.el6
age: 1
etag: "615dad08-5927"
x-ws-request-id: 61641a53_localhost_48770-14234
content-type: application/javascript
accept-ranges: bytes
content-length: 22823
x-via: 1.1 lsh190:3 (Cdn Cache Server V2.0), 1.1 kf230:11 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:10 (Cdn Cache Server V2.0)

GET
H2 200 css2
fonts.googleapis.com/ Frame 9F17 3 KB
561 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce37db8136546197bf5b555d0baede4d5944955799fdf64a7ebabca3599164e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:04:51 GMT
server: ESF
date: Mon, 11 Oct 2021 11:04:51 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 11:04:51 GMT

GET
H2 200 email.png
enter-shield.com/common_tpls/images/icons/ Frame 9F17 1 KB
2 KB 9ms
9ms Image
image/png 163.171.128.172
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://enter-shield.com/common_tpls/images/icons/email.png
Requested by: Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.26.4-19.el6 /
Resource Hash: f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
last-modified: Tue, 16 Jun 2020 16:45:10 GMT
server: waf/4.26.4-19.el6
age: 1
etag: "5ee8f716-4e6"
x-ws-request-id: 61641a53_localhost_48770-14246
content-type: image/png
accept-ranges: bytes
content-length: 1254
x-via: 1.1 lsh190:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:2 (Cdn Cache Server V2.0)

GET
H2 200 password.png
enter-shield.com/common_tpls/images/icons/ Frame 9F17 1 KB
2 KB 9ms
8ms Image
image/png 163.171.128.172
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://enter-shield.com/common_tpls/images/icons/password.png
Requested by: Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.26.4-19.el6 /
Resource Hash: 8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
last-modified: Tue, 22 Aug 2017 16:35:03 GMT
server: waf/4.26.4-19.el6
age: 1
etag: "599c5d37-5ac"
x-ws-request-id: 61641a53_localhost_48770-14248
content-type: image/png
accept-ranges: bytes
content-length: 1452
x-via: 1.1 lsh190:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1eq94:10 (Cdn Cache Server V2.0)

GET
H2 200 iframeResizer.contentWindow.min.js Show response
enter-shield.com/common_tpls/js/ Frame 9F17 13 KB
13 KB 11ms
11ms Script
application/javascript 163.171.128.172
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://enter-shield.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by: Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.26.4-19.el6 /
Resource Hash: 7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:51 GMT
last-modified: Thu, 04 Feb 2016 15:05:04 GMT
server: waf/4.26.4-19.el6
age: 1
etag: "56b368a0-3445"
x-ws-request-id: 61641a53_localhost_48770-14244
content-type: application/javascript
accept-ranges: bytes
content-length: 13381
x-via: 1.1 lsh190:2 (Cdn Cache Server V2.0), 1.1 kf230:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1eq94:5 (Cdn Cache Server V2.0)

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 9F17 315 KB
53 KB 39ms
20ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 1523686
etag: "610ae215-d3b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 69c79c2fa8f74e43-FRA
content-length: 54194

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 9F17 26 KB
4 KB 49ms
30ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:04:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 1523686
etag: "610ae215-1062"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 69c79c2fa8fb4e43-FRA
content-length: 4194

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 9F17 45 KB
17 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://enter-shield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1439
date: Mon, 11 Oct 2021 10:40:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 11 Oct 2021 12:40:53 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 9F17 8 KB
8 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://enter-shield.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 22:04:31 GMT
x-content-type-options: nosniff
age: 392421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 22:04:31 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 9F17 8 KB
8 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://enter-shield.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 04:13:09 GMT
x-content-type-options: nosniff
age: 543103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 04:13:09 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 9F17 8 KB
8 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://enter-shield.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 08:02:56 GMT
x-content-type-options: nosniff
age: 270116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7848
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 08 Oct 2022 08:02:56 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7V1s.ttf
fonts.gstatic.com/s/poppins/v15/ Frame 9F17 147 KB
67 KB 8ms
8ms Font
font/ttf 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7V1s.ttf

Requested by

Host: enter-shield.com
URL: https://enter-shield.com/common_tpls/compactML/css/cejfxr2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a644feb80d29d513d5c0e6c47b84366e426c91643a598164dbfa30a8d211f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enter-shield.com/
Origin: https://enter-shield.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 15:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68730
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 08 Oct 2022 15:10:30 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tinder (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| changeImage

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sec-trk-lnk.com/	1970-01-19 22:02:35	Name: AWSALBCORS Value: w4UiHOWN5h6PkMZrar69/qGBrcdVAFeujNz8ZJoybyNnZTbwP2+pu7fHjNDe9JqPhMkJjJL6xZvKn1pVEpYMh/kIQNAi0I2eXWmHJGsULhEsmsDz6PjFsazTIINL
enlistopenly.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 056d77879754f63203532ec2f34dd93e
enter-shield.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 06b8543732693fdd55e735a180a62aa7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
best.elitelovetrc.info
cdnjs.cloudflare.com
code.jquery.com
enlistopenly.com
enter-shield.com
fonts.googleapis.com
fonts.gstatic.com
geoip.openlyenter.com
ka-p.fontawesome.com
kit.fontawesome.com
safecasualdating69.com
ssl.google-analytics.com
www.sec-trk-lnk.com
www.trackdemclicks.com
152.199.19.160
162.0.229.226
163.171.128.172
2001:4de0:ac18::1:a:3a
213.227.156.193
2606:4700:20::681a:415
2606:4700::6810:125e
2606:4700::6812:1734
2a00:1450:4001:800::2003
2a00:1450:4001:809::200a
2a00:1450:4001:82a::2008
54.201.211.101
055395b01212455e2e3cf174208947ef347110b0a0d8710f097237698d8eee2b
061127e49a90e7f609551e12a8a36d7a7b25103fb5566607732726af81839c8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
146ca30e79339708e76fa0f2fa4bc60015b98c2296e19c3393a68c355fcaf72c
198814fa3098ba2d30dfde90c8f6c34fd14ea42c97e1002faee9ce0f5336b32d
2826f9525d9ff7b1d86065eb761da940e70856e239875b04e0e67a7c0edf3d4d
2911de3c20ebdd535d1ddc0b1a83e93692c1cf68499e0031c3e33e7c4ddcc8a0
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
4bf0c008b8a8e4b48c1734ff85580f8b3bf2ff8829e096ed2d759a335c38b006
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
6a0d9a4a6da6d7c7bdb16b333fc573cb5af9e793de362c7fecf313ab88cf528a
6a644feb80d29d513d5c0e6c47b84366e426c91643a598164dbfa30a8d211f7b
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
7ea84c29fdf1ecdc97caf7604e6cd1dbf625862821057f14b82f02a00701af9d
89d4b7e60391fb802c7bfae97619f5b13a212f1d318bf3944d7667412c6ec20a
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
8e223cc1c0b5d03c2ea02dcb46cbd4a6e6efcb1c1b255654e15ce01b8f21dac2
9143b17e79719449bb7e315e4a2a84b456e6fb39486c4232ce7e36b92ad02d42
9dc081383b4871d3a02c315bd5e0dbbd8e6c8b9c7c71cc9b3495abe8f0530655
9e4ec43012e369083ded9e256bb6309204c8c2ce4383a6f00c23d26bbbf83b96
aed604182c192f5ee87b3c1f8bcbcd5310960a2848d2dfad9d8a2c0bab06e249
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
ce37db8136546197bf5b555d0baede4d5944955799fdf64a7ebabca3599164e3
d3d63b7935a380583eff779be162760e9773c3d83d63fd81e0449aea76e794c8
d96d6c7d72113fbff993954d85934754f8743a4fc6d18124aa35c464a0e06ab1
e7ec422b20c12092e5ae042e5af9199a57f09dadc853d38253d22cdf965a6ed8
f2648f83e8bb78db15ffc5d01dcbc53fb6b8c585dcfabbb88bd0471b8399ca00
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
fcc3c0dd45f22d3bd5d08fcf8a6885da5dde6d5b52998c7213605ae3a5259a30

safecasualdating69.com Open in urlscan Pro 162.0.229.226 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

36 Requests

67 %HTTPS

58 %IPv6

14 Domains

15 Subdomains

9 IPs

3 Countries

1410 kBTransfer

1981 kBSize

3 Cookies

0 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

safecasualdating69.com Open in urlscan Pro
162.0.229.226 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

67 %
HTTPS

58 %
IPv6

14
Domains

15
Subdomains

9
IPs

3
Countries

1410 kB
Transfer

1981 kB
Size

3
Cookies

36 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!